package com.cy.jt.security.config;


import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

@EnableGlobalMethodSecurity(prePostEnabled = true)
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter{

 @Override
 protected void configure(HttpSecurity http) throws Exception{
  http.csrf().disable();//关闭跨域攻击
  http.formLogin().loginPage("/login.html")
                        .loginProcessingUrl("/login")
//                         .usernameParameter("username")
//                          .passwordParameter("password")
                          .defaultSuccessUrl("/index.html");//重定向
//                             .successHandler(new RedirectAuthenticationSuccessHandler("http://www.tedu.cn"));
//                                .successHandler(new JsonAuthenticationSuccessHandler())
//                              .failureHandler(new JsonAuthenticationFailureHandler());
//  转发和重定向，转发在服务器上跳转，重定向在客户端跳转，
//                 .successForwardUrl("/index"); // .successForwardUrl("/index.html");//转发
 http.logout().logoutUrl("/logout").logoutSuccessUrl("/login.html?logout");
 http.exceptionHandling().authenticationEntryPoint(new DefaultAuthenticationEntryPoint())//不能绕过登录直接访问业务接口（直接通过网址访问）
               .accessDeniedHandler(new DefaultAccessDeniedExceptionHandler());

  http.authorizeRequests().antMatchers("/login.html")
                 .permitAll()
                  .anyRequest().authenticated();
 }

 // @Bean
 @Bean("bcrypt")//取别名
 public BCryptPasswordEncoder passwordEncoder(){
  return new BCryptPasswordEncoder();
 }

}
